Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. This Directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tools, and align cloud environments to CISA’s Secure Cloud Business Applications (SCuBA) secure configuration baselines.Â

Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls, which attackers can use to gain unauthorized access, exfiltrate data, or disrupt services. As part of CISA and the broad U.S. government’s effort to move the federal civilian enterprise to a more defensible posture, this Directive will further reduce the attack surface of the federal government networks.

The new Directive can be found at Binding Operational Directive (BOD) 25-01. To learn more about CISA Directives, visit Cybersecurity Directives webpage.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Chinese Duo Indicted For Laundering $73m in Pig Butchering Case

May 20, 2024 0 Comments 0 tags

Two Chinese nationals have been charged with laundering over $73m in a pig butchering scheme

Read More

Cloud Breaches Impact Nearly Half of Organizations

June 25, 2024 0 Comments 0 tags

A Thales report found that 44% of organizations have experienced a cloud data breach, with human error and misconfigurations the leading root causes

Read More

CISA Releases Three Industrial Control Systems Advisories

April 18, 2024 0 Comments 0 tags

CISA released three Industrial Control Systems (ICS) advisories on April 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-109-01 Unitronics Vision Series

Read More